Package: php4 Tags: security Severity: grave The Hardened-PHP project has disclosed several security vulnerabilites:
<http://www.hardened-php.net/advisory_182005.77.html> <http://www.hardened-php.net/advisory_192005.78.html> <http://www.hardened-php.net/advisory_202005.79.html> <http://www.hardened-php.net/globals-problem> The "globals problem" appears to be somewhat nasty. It is not clear if it applies to stable's 4.3.10 version because the security feature which turned out to be buggy was introduced in 4.3.11, according to the fourth link above. (Maybe PHP before 4.3.11 is vulnerable to some other issue; I don't know.) As usual, the 4.4.1 release might fix additional security bugs for which no explicit advisories are released. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
